verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

fix: refs #6272 back & create test
gitea/salix/pipeline/pr-dev This commit looks good Details

This commit is contained in:
Jorge Penadés 2024-02-07 10:16:47 +01:00
parent 46dee65e68
commit aff8ee28ea
5 changed files with 186 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
db/versions/10872-pinkLilium/00-aclUpdateFiscalData.sql Normal file
View File

@ -0,0 +1,3 @@
INSERT INTO salix.ACL (model, property, accessType, permission, principalType, principalId)
VALUES ('Supplier', 'updateAllFiscalData', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
('Supplier', 'updateFiscalData', 'WRITE', 'ALLOW', 'ROLE', 'buyer');

3
loopback/locale/en.json
View File

@ -206,6 +206,5 @@
"Incorrect pin": "Incorrect pin.", "Incorrect pin": "Incorrect pin.",
"The notification subscription of this worker cant be modified": "The notification subscription of this worker cant be modified", "The notification subscription of this worker cant be modified": "The notification subscription of this worker cant be modified",
"Name should be uppercase": "Name should be uppercase", "Name should be uppercase": "Name should be uppercase",
"Fecha fuera de rango": "Fecha fuera de rango", "You cannot update these fields": "You cannot update these fields"
"There is no zone for these parameters 34": "There is no zone for these parameters 34"
} }

3
loopback/locale/es.json
View File

@ -339,5 +339,6 @@
"No tickets to invoice": "No hay tickets para facturar", "No tickets to invoice": "No hay tickets para facturar",
"Name should be uppercase": "El nombre debe ir en mayúscula", "Name should be uppercase": "El nombre debe ir en mayúscula",
"Bank entity must be specified": "La entidad bancaria es obligatoria", "Bank entity must be specified": "La entidad bancaria es obligatoria",
"An email is necessary": "Es necesario un email" "An email is necessary": "Es necesario un email",
"You cannot update these fields": "No puedes actualizar estos campos"
} }

206
modules/supplier/back/methods/supplier/specs/updateFiscalData.spec.js
View File

@ -1,92 +1,142 @@
const app = require('vn-loopback/server/server'); const models = require('vn-loopback/server/server').models;
const LoopBackContext = require('loopback-context'); const LoopBackContext = require('loopback-context');
describe('Supplier updateFiscalData', () => { describe('Supplier updateFiscalData()', () => {
const supplierId = 1; const supplierId = 1;
const administrativeId = 5; const administrativeId = 5;
const employeeId = 1; const buyerId = 35;
const defaultData = {
name: 'PLANTS SL', const name = 'NEW PLANTS';
nif: '06089160W', const city = 'PONTEVEDRA';
account: '4100000001', const nif = 'A68446004';
sageTaxTypeFk: 4, const account = '4000000005';
sageWithholdingFk: 1, const sageTaxTypeFk = 5;
sageTransactionTypeFk: 1, const sageWithholdingFk = 2;
postCode: '15214', const sageTransactionTypeFk = 2;
city: 'PONTEVEDRA', const postCode = '46460';
provinceFk: 1, const phone = 456129367;
countryFk: 1, const street = ' Fake address 12 3 flat';
const provinceFk = 2;
const countryFk = 1;
const supplierActivityFk = 'animals';
const healthRegister = '400664487H';
let ctx;
let options;
let tx;
beforeEach(async() => {
ctx = {
req: {
accessToken: {userId: buyerId},
headers: {origin: 'http://localhost'},
__: value => value
},
args: {}
}; };
it('should return an error if the user is not administrative', async() => {
const ctx = {req: {accessToken: {userId: employeeId}}};
ctx.args = {};
let error;
await app.models.Supplier.updateFiscalData(ctx, supplierId)
.catch(e => {
error = e;
});
expect(error.message).toBeDefined();
});
it('should check that the supplier fiscal data is untainted', async() => {
const supplier = await app.models.Supplier.findById(supplierId);
expect(supplier.name).toEqual(defaultData.name);
expect(supplier.nif).toEqual(defaultData.nif);
expect(supplier.account).toEqual(defaultData.account);
expect(supplier.sageTaxTypeFk).toEqual(defaultData.sageTaxTypeFk);
expect(supplier.sageWithholdingFk).toEqual(defaultData.sageWithholdingFk);
expect(supplier.sageTransactionTypeFk).toEqual(defaultData.sageTransactionTypeFk);
expect(supplier.postCode).toEqual(defaultData.postCode);
expect(supplier.city).toEqual(defaultData.city);
expect(supplier.provinceFk).toEqual(defaultData.provinceFk);
expect(supplier.countryFk).toEqual(defaultData.countryFk);
});
it('should update the supplier fiscal data and return the count if changes made', async() => {
const activeCtx = {
accessToken: {userId: administrativeId},
};
const ctx = {req: activeCtx};
spyOn(LoopBackContext, 'getCurrentContext').and.returnValue({ spyOn(LoopBackContext, 'getCurrentContext').and.returnValue({
active: activeCtx active: ctx.req
}); });
ctx.args = { options = {transaction: tx};
name: 'WEAPON DEALER', tx = await models.Sale.beginTransaction({});
nif: 'A68446004', options.transaction = tx;
account: '4000000005', });
sageTaxTypeFk: 5,
sageWithholdingFk: 2,
sageTransactionTypeFk: 2,
postCode: '46460',
city: 'VALENCIA',
provinceFk: 2,
countryFk: 1,
supplierActivityFk: 'animals',
healthRegister: '400664487H'
};
const result = await app.models.Supplier.updateFiscalData(ctx, supplierId); afterEach(async() => {
await tx.rollback();
});
expect(result.name).toEqual('WEAPON DEALER'); it('should throw an error if it is a buyer and tries to update forbidden fiscal data', async() => {
expect(result.nif).toEqual('A68446004'); try {
expect(result.account).toEqual('4000000005'); await models.Supplier.updateFiscalData(ctx,
expect(result.sageTaxTypeFk).toEqual(5); supplierId,
expect(result.sageWithholdingFk).toEqual(2); name,
expect(result.sageTransactionTypeFk).toEqual(2); nif,
expect(result.postCode).toEqual('46460'); account,
expect(result.city).toEqual('VALENCIA'); undefined,
expect(result.provinceFk).toEqual(2); sageTaxTypeFk,
expect(result.countryFk).toEqual(1); undefined,
expect(result.supplierActivityFk).toEqual('animals'); sageTransactionTypeFk,
expect(result.healthRegister).toEqual('400664487H'); undefined,
undefined,
undefined,
provinceFk,
countryFk,
supplierActivityFk,
healthRegister,
undefined,
undefined,
options);
} catch (e) {
expect(e.message).toEqual('You cannot update these fields');
}
});
// Restores it('should update the granted fiscal data if it is a buyer', async() => {
ctx.args = defaultData; const supplier = await models.Supplier.updateFiscalData(ctx,
await app.models.Supplier.updateFiscalData(ctx, supplierId); supplierId,
undefined,
undefined,
account,
phone,
undefined,
undefined,
undefined,
postCode,
street,
city,
provinceFk,
undefined,
undefined,
undefined,
undefined,
undefined,
options);
expect(supplier.account).toEqual(account);
expect(supplier.phone).toEqual(phone);
expect(supplier.postCode).toEqual(postCode);
expect(supplier.account).toEqual(account);
expect(supplier.city).toEqual(city);
expect(supplier.provinceFk).toEqual(provinceFk);
});
it('should update all fiscalData if it is an administative', async() => {
const supplier = await models.Supplier.updateFiscalData(ctx,
supplierId,
name,
nif,
account,
phone,
sageTaxTypeFk,
sageWithholdingFk,
sageTransactionTypeFk,
postCode,
street,
city,
provinceFk,
countryFk,
supplierActivityFk,
healthRegister,
undefined,
undefined,
options);
expect(supplier.name).toEqual(name);
expect(supplier.nif).toEqual(nif);
expect(supplier.account).toEqual(account);
expect(supplier.phone).toEqual(phone);
expect(supplier.sageTaxTypeFk).toEqual(sageTaxTypeFk);
expect(supplier.sageWithholdingFk).toEqual(sageWithholdingFk);
expect(supplier.sageTransactionTypeFk).toEqual(sageTransactionTypeFk);
expect(supplier.postCode).toEqual(postCode);
expect(supplier.street).toEqual(street);
expect(supplier.city).toEqual(city);
expect(supplier.provinceFk).toEqual(provinceFk);
expect(supplier.countryFk).toEqual(countryFk);
expect(supplier.supplierActivityFk).toEqual(supplierActivityFk);
expect(supplier.healthRegister).toEqual(healthRegister);
}); });
}); });

91
modules/supplier/back/methods/supplier/updateFiscalData.js
View File

@ -1,75 +1,59 @@
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('updateFiscalData', { Self.remoteMethodCtx('updateFiscalData', {
description: 'Updates fiscal data of a supplier', description: 'Updates fiscal data of a supplier',
accessType: 'WRITE', accessType: 'WRITE',
accepts: [{ accepts: [{
arg: 'ctx',
type: 'Object',
http: {source: 'context'}
},
{
arg: 'id', arg: 'id',
type: 'Number', type: 'Number',
description: 'The supplier id', description: 'The supplier id',
http: {source: 'path'} http: {source: 'path'}
}, }, {
{
arg: 'name', arg: 'name',
type: 'string' type: 'string'
}, }, {
{
arg: 'nif', arg: 'nif',
type: 'string' type: 'string'
}, }, {
{
arg: 'account', arg: 'account',
type: 'any' type: 'any'
}, }, {
{ arg: 'phone',
type: 'string'
}, {
arg: 'sageTaxTypeFk', arg: 'sageTaxTypeFk',
type: 'any' type: 'any'
}, }, {
{
arg: 'sageWithholdingFk', arg: 'sageWithholdingFk',
type: 'any' type: 'any'
}, }, {
{
arg: 'sageTransactionTypeFk', arg: 'sageTransactionTypeFk',
type: 'any' type: 'any'
}, }, {
{
arg: 'postCode', arg: 'postCode',
type: 'any' type: 'any'
}, }, {
{
arg: 'street', arg: 'street',
type: 'any' type: 'any'
}, }, {
{
arg: 'city', arg: 'city',
type: 'string' type: 'string'
}, }, {
{
arg: 'provinceFk', arg: 'provinceFk',
type: 'any' type: 'any'
}, }, {
{
arg: 'countryFk', arg: 'countryFk',
type: 'any' type: 'any'
}, }, {
{
arg: 'supplierActivityFk', arg: 'supplierActivityFk',
type: 'string' type: 'string'
}, }, {
{
arg: 'healthRegister', arg: 'healthRegister',
type: 'string' type: 'string'
}, }, {
{
arg: 'isVies', arg: 'isVies',
type: 'boolean' type: 'boolean'
}, }, {
{
arg: 'isTrucker', arg: 'isTrucker',
type: 'boolean' type: 'boolean'
}], }],
@ -84,15 +68,42 @@ module.exports = Self => {
} }
}); });
Self.updateFiscalData = async(ctx, supplierId) => { Self.updateFiscalData = async(ctx, supplierId, name, nif, account, phone, sageTaxTypeFk, sageWithholdingFk, sageTransactionTypeFk, postCode, street, city, provinceFk, countryFk, supplierActivityFk, healthRegister, isVies, isTrucker, options) => {
const models = Self.app.models; const models = Self.app.models;
const args = ctx.args; const {args} = ctx;
const myOptions = {};
const supplier = await models.Supplier.findById(supplierId); const supplier = await models.Supplier.findById(supplierId);
// Remove unwanted properties if (typeof options == 'object') Object.assign(myOptions, options);
delete args.ctx; delete args.ctx;
delete args.id; delete args.id;
return supplier.updateAttributes(args); const updateAllFiscalData = await models.ACL.checkAccessAcl(ctx, 'Supplier', 'updateAllFiscalData', 'WRITE');
if (!updateAllFiscalData) {
for (const arg in args) {
if (args[arg] && !['street', 'postCode', 'city', 'provinceFk', 'phone'].includes(arg))
throw new UserError('You cannot update these fields');
}
}
return supplier.updateAttributes({
name,
nif,
account,
phone,
sageTaxTypeFk,
sageWithholdingFk,
sageTransactionTypeFk,
postCode,
street,
city,
provinceFk,
countryFk,
supplierActivityFk,
healthRegister,
isVies,
isTrucker
}, myOptions);
}; };
}; };